all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

CVE-2022-34392 (supportassist_for_home_pcs)

Add to bookmarks
Feb. 11, 2023, 1:23 a.m. |

National Vulnerability Database web.nvd.nist.gov

SupportAssist for Home PCs (versions 3.11.4 and prior) contain an insufficient session expiration Vulnerability. An authenticated non-admin user can be able to obtain the refresh token and that leads to reuse the access token and fetch sensitive information.

access access token cve expiration fetch for home home information non pcs refresh token reuse sensitive information session token vulnerability

Visit resource

More from web.nvd.nist.gov / National Vulnerability Database

CVE-2023-45955 (lightstrip_firmware) 5 months, 3 weeks ago | web.nvd.nist.gov
attackers cve denial of service issue +1
CVE-2023-40101 (android) 5 months, 3 weeks ago | web.nvd.nist.gov
android check collapse cve +7
CVE-2023-21377 (android) 5 months, 3 weeks ago | web.nvd.nist.gov
android bypass cve disclosure +8
CVE-2023-21380 (android) 5 months, 3 weeks ago | web.nvd.nist.gov
android bluetooth buffer buffer overflow +9
CVE-2023-21382 (android) 5 months, 3 weeks ago | web.nvd.nist.gov
access android check cve +11
CVE-2023-21381 (android) 5 months, 3 weeks ago | web.nvd.nist.gov
android arbitrary code code code execution +10
CVE-2023-21385 (android) 5 months, 3 weeks ago | web.nvd.nist.gov
android corruption cve disclosure +7
CVE-2023-21387 (android) 5 months, 3 weeks ago | web.nvd.nist.gov
android backup bypass cve +11
CVE-2023-21389 (android) 5 months, 3 weeks ago | web.nvd.nist.gov
android bypass check cve +10

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

SOC 2 Manager, Audit and Certification

@ Deloitte | US and CA Multiple Locations
View on infosec-jobs.com

Regional Leader, Cyber Crisis Communications

@ Google | United Kingdom
View on infosec-jobs.com

Regional Intelligence Manager, Compliance, Safety and Risk Management

@ Google | London, UK
View on infosec-jobs.com

Senior Analyst, Endpoint Security

@ Scotiabank | Toronto, ON, CA, M1K5L1
View on infosec-jobs.com

Software Engineer, Security/Privacy, Google Cloud

@ Google | Bengaluru, Karnataka, India
View on infosec-jobs.com

Senior Security Engineer

@ Coinbase | Remote - USA
View on infosec-jobs.com
View more jobs